iPXE
rbg.c
Go to the documentation of this file.
1 /*
2  * Copyright (C) 2012 Michael Brown <mbrown@fensystems.co.uk>.
3  *
4  * This program is free software; you can redistribute it and/or
5  * modify it under the terms of the GNU General Public License as
6  * published by the Free Software Foundation; either version 2 of the
7  * License, or any later version.
8  *
9  * This program is distributed in the hope that it will be useful, but
10  * WITHOUT ANY WARRANTY; without even the implied warranty of
11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12  * General Public License for more details.
13  *
14  * You should have received a copy of the GNU General Public License
15  * along with this program; if not, write to the Free Software
16  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
17  * 02110-1301, USA.
18  *
19  * You can also choose to distribute this program under the terms of
20  * the Unmodified Binary Distribution Licence (as given in the file
21  * COPYING.UBDL), provided that you have satisfied its requirements.
22  *
23  * Alternatively, you may distribute this code in source or binary
24  * form, with or without modification, provided that the following
25  * conditions are met:
26  *
27  * 1. Redistributions of source code must retain the above copyright
28  * notice, this list of conditions and the above disclaimer.
29  *
30  * 2. Redistributions in binary form must reproduce the above
31  * copyright notice, this list of conditions and the above
32  * disclaimer in the documentation and/or other materials provided
33  * with the distribution.
34  */
35 
36 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
37 
38 /** @file
39  *
40  * RBG mechanism
41  *
42  * This mechanism is designed to comply with ANS X9.82 Part 4 (April
43  * 2011 Draft) Section 10. This standard is unfortunately not freely
44  * available.
45  *
46  * The chosen RBG design is that of a DRBG with a live entropy source
47  * with no conditioning function. Only a single security strength is
48  * supported. No seedfile is used since there may be no non-volatile
49  * storage available. The system UUID is used as the personalisation
50  * string.
51  */
52 
53 #include <stdint.h>
54 #include <string.h>
55 #include <ipxe/init.h>
56 #include <ipxe/settings.h>
57 #include <ipxe/uuid.h>
58 #include <ipxe/crypto.h>
59 #include <ipxe/drbg.h>
60 #include <ipxe/rbg.h>
61 
62 /** The RBG */
64 
65 /**
66  * Start up RBG
67  *
68  * @ret rc Return status code
69  *
70  * This is the RBG_Startup function defined in ANS X9.82 Part 4 (April
71  * 2011 Draft) Section 9.1.2.2.
72  */
73 static int rbg_startup ( void ) {
74  union uuid uuid;
75  int len;
76  int rc;
77 
78  /* Try to obtain system UUID for use as personalisation
79  * string, in accordance with ANS X9.82 Part 3-2007 Section
80  * 8.5.2. If no UUID is available, proceed without a
81  * personalisation string.
82  */
83  if ( ( len = fetch_uuid_setting ( NULL, &uuid_setting, &uuid ) ) < 0 ) {
84  rc = len;
85  DBGC ( &rbg, "RBG could not fetch personalisation string: "
86  "%s\n", strerror ( rc ) );
87  len = 0;
88  }
89 
90  /* Instantiate DRBG */
91  if ( ( rc = drbg_instantiate ( &rbg.state, &uuid, len ) ) != 0 ) {
92  DBGC ( &rbg, "RBG could not instantiate DRBG: %s\n",
93  strerror ( rc ) );
94  return rc;
95  }
96 
97  return 0;
98 }
99 
100 /**
101  * Shut down RBG
102  *
103  */
104 static void rbg_shutdown ( void ) {
105 
106  /* Uninstantiate DRBG */
108 }
109 
110 /** RBG startup function */
111 static void rbg_startup_fn ( void ) {
112 
113  /* Start up RBG. There is no way to report an error at this
114  * stage, but a failed startup will result in an invalid DRBG
115  * that refuses to generate bits.
116  */
117  rbg_startup();
118 }
119 
120 /** RBG shutdown function */
121 static void rbg_shutdown_fn ( int booting __unused ) {
122 
123  /* Shut down RBG */
124  rbg_shutdown();
125 }
126 
127 /** RBG startup table entry */
128 struct startup_fn startup_rbg __startup_fn ( STARTUP_NORMAL ) = {
129  .name = "rbg",
130  .startup = rbg_startup_fn,
131  .shutdown = rbg_shutdown_fn,
132 };
#define STARTUP_NORMAL
Normal startup.
Definition: init.h:63
struct arbelprm_rc_send_wqe rc
Definition: arbel.h:14
DRBG mechanism.
FILE_LICENCE(GPL2_OR_LATER_OR_UBDL)
A universally unique ID.
Definition: uuid.h:15
static int rbg_startup(void)
Start up RBG.
Definition: rbg.c:73
#define DBGC(...)
Definition: compiler.h:505
Universally unique IDs.
Cryptographic API.
static void rbg_shutdown_fn(int booting __unused)
RBG shutdown function.
Definition: rbg.c:121
const char * name
Definition: init.h:42
A startup/shutdown function.
Definition: init.h:41
An RBG.
Definition: rbg.h:16
RBG mechanism.
Configuration settings.
static void rbg_startup_fn(void)
RBG startup function.
Definition: rbg.c:111
struct startup_fn startup_rbg __startup_fn(STARTUP_NORMAL)
RBG startup table entry.
char * strerror(int errno)
Retrieve string representation of error number.
Definition: strerror.c:78
static void rbg_shutdown(void)
Shut down RBG.
Definition: rbg.c:104
int drbg_instantiate(struct drbg_state *state, const void *personal, size_t personal_len)
Instantiate DRBG.
Definition: drbg.c:78
struct random_bit_generator rbg
The RBG.
Definition: rbg.c:63
#define __unused
Declare a variable or data structure as unused.
Definition: compiler.h:573
uint32_t len
Length.
Definition: ena.h:14
int fetch_uuid_setting(struct settings *settings, const struct setting *setting, union uuid *uuid)
Fetch value of UUID setting.
Definition: settings.c:1083
void drbg_uninstantiate(struct drbg_state *state)
Uninstantiate DRBG.
Definition: drbg.c:423
#define NULL
NULL pointer (VOID *)
Definition: Base.h:362
struct drbg_state state
DRBG state.
Definition: rbg.h:18
String functions.